Last updated: 2026-04-24
This page explains what information kharypenebaker.com collects, how it’s used, and who it’s shared with. If you have a question that isn’t answered here, email [email protected].
Who runs this site
This site belongs to Khary Penebaker, based in Wisconsin. The site shares speaking information, a blog, advocacy work, and a booking form for event organizers.
What data the site collects
When you submit the booking form or the contact form, the site records your name, email, and the details you enter. The site also records the IP address of the submission and a timestamp. That information is stored in the WordPress wp_options table. The IP and timestamp are kept so the site can rate limit abusive submissions and block spam.
If you sign up for the lead magnet on the homepage, the site stores your email address and the submission IP in wp_options for the same reasons.
The site does not run third party advertising, and it does not set marketing cookies.
Cloudflare Turnstile
Both the booking form and the contact form use Cloudflare Turnstile to tell humans apart from bots. Turnstile collects a browser fingerprint and related signals in your browser, and Cloudflare Inc. evaluates them on its servers. Cloudflare’s privacy practices apply to that data. You can read them at cloudflare.com/privacypolicy.
Cloudflare CDN and Sucuri web application firewall
Site traffic passes through Cloudflare’s CDN and Sucuri’s web application firewall before it reaches the origin server. Both services inspect request headers and payloads to block attacks and cache content. Standard server logs at each layer include IP address, user agent, and request path. Cloudflare’s privacy policy covers the CDN layer. Sucuri’s privacy policy is at sucuri.net/privacy-policy.
EWWW Image Optimizer
Images on the site are optimized and converted to WebP by the EWWW Image Optimizer plugin. That process runs on the server. It does not collect personal information about visitors.
Google Apps Script webhook
When the booking form or contact form is submitted, the form data is posted to a Google Apps Script webhook that I maintain. The webhook relays the message to my inbox at [email protected]. That means the content of your submission transits through a Google hosted script before it reaches my email. Google’s data processing terms apply to that leg.
Yoast SEO and schema
Yoast SEO and a custom schema plugin publish structured metadata about public pages and posts so search engines can describe the site. Only public content is included. No visitor data is collected or shared this way.
Cookies
The site uses WordPress session cookies to keep admin logins and form sessions working. Cloudflare sets anti bot cookies to reduce abuse. No tracking or advertising cookies are set.
How long data is kept
Form submissions stay in the wp_options table indefinitely. If you want your submission or email deleted, send a request to [email protected] with enough detail to find the record. I’ll remove it within a reasonable window and confirm by reply.
Your rights
If you’re in the European Economic Area, the United Kingdom, California, or any other jurisdiction with data protection rules, you can ask what information the site holds about you, request a copy, correct it, or request deletion. Email [email protected] to make a request.
Security
The site runs on a hardened WordPress install behind Cloudflare and Sucuri, with rate limiting and spam protection on every form. No system is perfect. If you spot a security issue, please email [email protected].
Changes
If this policy changes in a material way, the “Last updated” date at the top of this page will change with it.
Contact
Email: [email protected]
Last updated: April 24, 2026